JP5719244B2 - 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置 - Google Patents

安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置 Download PDF

Info

Publication number
JP5719244B2
JP5719244B2 JP2011143993A JP2011143993A JP5719244B2 JP 5719244 B2 JP5719244 B2 JP 5719244B2 JP 2011143993 A JP2011143993 A JP 2011143993A JP 2011143993 A JP2011143993 A JP 2011143993A JP 5719244 B2 JP5719244 B2 JP 5719244B2
Authority
JP
Japan
Prior art keywords
mode
application
key
unit
drawing command
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2011143993A
Other languages
English (en)
Japanese (ja)
Other versions
JP2013012018A (ja
JP2013012018A5 (enrdf_load_stackoverflow
Inventor
実裕 古市
実裕 古市
拓 荒津
拓 荒津
政美 多田
政美 多田
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Priority to JP2011143993A priority Critical patent/JP5719244B2/ja
Priority to GB1209077.5A priority patent/GB2492448B/en
Priority to US13/488,369 priority patent/US8595511B2/en
Priority to DE102012210887.4A priority patent/DE102012210887B4/de
Publication of JP2013012018A publication Critical patent/JP2013012018A/ja
Publication of JP2013012018A5 publication Critical patent/JP2013012018A5/ja
Application granted granted Critical
Publication of JP5719244B2 publication Critical patent/JP5719244B2/ja
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
  • Computer And Data Communications (AREA)
JP2011143993A 2011-06-29 2011-06-29 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置 Expired - Fee Related JP5719244B2 (ja)

Priority Applications (4)

Application Number Priority Date Filing Date Title
JP2011143993A JP5719244B2 (ja) 2011-06-29 2011-06-29 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置
GB1209077.5A GB2492448B (en) 2011-06-29 2012-05-24 Constructing safely managed virtual machine execution environment, program and computer apparatus
US13/488,369 US8595511B2 (en) 2011-06-29 2012-06-04 Securely managing the execution of screen rendering instructions in a host operating system and virtual machine
DE102012210887.4A DE102012210887B4 (de) 2011-06-29 2012-06-26 Verfahren zum Einrichten einer sicher verwalteten Ausführungsumgebung für eine virtuelle Maschine und eine Computervorrichtung

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2011143993A JP5719244B2 (ja) 2011-06-29 2011-06-29 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置

Publications (3)

Publication Number Publication Date
JP2013012018A JP2013012018A (ja) 2013-01-17
JP2013012018A5 JP2013012018A5 (enrdf_load_stackoverflow) 2014-08-14
JP5719244B2 true JP5719244B2 (ja) 2015-05-13

Family

ID=46546537

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2011143993A Expired - Fee Related JP5719244B2 (ja) 2011-06-29 2011-06-29 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置

Country Status (4)

Country Link
US (1) US8595511B2 (enrdf_load_stackoverflow)
JP (1) JP5719244B2 (enrdf_load_stackoverflow)
DE (1) DE102012210887B4 (enrdf_load_stackoverflow)
GB (1) GB2492448B (enrdf_load_stackoverflow)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5719244B2 (ja) * 2011-06-29 2015-05-13 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置
CN103294970B (zh) * 2012-02-23 2015-12-09 纬创资通股份有限公司 双操作系统共用加密设定的方法以及电子装置
CN103294545B (zh) 2012-02-23 2017-07-04 纬创资通股份有限公司 切换双操作系统的方法以及电子装置
CN103294562B (zh) 2012-02-23 2017-03-01 纬创资通股份有限公司 双操作系统共用周边装置的方法以及电子装置
US8839447B2 (en) * 2012-02-27 2014-09-16 Ca, Inc. System and method for virtual image security in a cloud environment
US8938612B1 (en) * 2013-07-31 2015-01-20 Google Inc. Limited-access state for inadvertent inputs
CN104169939B (zh) * 2013-11-12 2017-02-15 华为技术有限公司 一种实现虚拟化安全的方法和系统
US9641488B2 (en) * 2014-02-28 2017-05-02 Dropbox, Inc. Advanced security protocol for broadcasting and synchronizing shared folders over local area network
US9158909B2 (en) 2014-03-04 2015-10-13 Amazon Technologies, Inc. Authentication of virtual machine images using digital certificates
KR102490331B1 (ko) * 2014-12-16 2023-01-18 킨디 인코포레이티드 컴퓨터 인스트럭션 세트, 메모리 레지스터 및 포인터를 랜덤화하기 위한 방법 및 장치
US10185480B1 (en) * 2015-06-15 2019-01-22 Symantec Corporation Systems and methods for automatically making selections in user interfaces
US9767318B1 (en) * 2015-08-28 2017-09-19 Frank Dropps Secure controller systems and associated methods thereof
US12339979B2 (en) 2016-03-07 2025-06-24 Crowdstrike, Inc. Hypervisor-based interception of memory and register accesses
US12248560B2 (en) * 2016-03-07 2025-03-11 Crowdstrike, Inc. Hypervisor-based redirection of system calls and interrupt-based task offloading
JP6329331B1 (ja) * 2016-07-04 2018-05-23 株式会社Seltech 人工知能を有するシステム
CN109445902B (zh) * 2018-09-06 2021-05-07 新华三云计算技术有限公司 一种数据操作方法和系统

Family Cites Families (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5752005A (en) 1996-01-22 1998-05-12 Microtest, Inc. Foreign file system establishing method which uses a native file system virtual device driver
US20050144072A1 (en) * 1996-10-25 2005-06-30 Perkowski Thomas J. Internet-based brand management and marketing communication instrumentation network for deploying, installing and remotely programming brand-building server-side driven multi-mode virtual kiosks on the World Wide Web (WWW), and methods of brand marketing communication between brand marketers and consumers using the same
JPH10301874A (ja) * 1997-04-22 1998-11-13 Internatl Business Mach Corp <Ibm> 遠隔操作方法、ネットワークを介して端末から遠隔操作されるサーバ及びhtmlファイルを格納する記憶媒体
US6356915B1 (en) 1999-02-22 2002-03-12 Starbase Corp. Installable file system having virtual file system drive, virtual device driver, and virtual disks
US7814335B2 (en) * 1999-03-18 2010-10-12 Dell Products L.P. System and method for installing system manufacturer provided software
US20080021778A1 (en) * 1999-04-21 2008-01-24 Ipf, Inc. Web-based brand marketing communication network for enabling e-commerce transactions using Multi-Mode Virtual Kiosks (MMVKS)
US7844492B2 (en) * 1999-11-17 2010-11-30 Ipf, Inc. Internet-based E-commerce network for enabling commission-based E-commerce transactions along the fabric of the world wide web (WWW) using server-side driven multi-mode virtual kiosks (MMVKS) and transaction and commission tracking servers
US6731756B1 (en) * 1999-06-21 2004-05-04 Elisar Software Corporation, Inc. Method for securing video images
WO2001050244A1 (en) * 2000-01-06 2001-07-12 Chan Kam Fu Running microsoft windows 95/98 on ramdisk
US20110238506A1 (en) * 2000-01-14 2011-09-29 Perkowski Thomas J Internet-based brand marketing communication network for enabling commission-based e-commerce transactions along the fabric of the world wide web (www) using server-side driven multi-mode virtual kiosks (mmvks)
US9213836B2 (en) * 2000-05-28 2015-12-15 Barhon Mayer, Batya System and method for comprehensive general electric protection for computers against malicious programs that may steal information and/or cause damages
US7117504B2 (en) * 2001-07-10 2006-10-03 Microsoft Corporation Application program interface that enables communication for a network software platform
US7603440B1 (en) * 2001-11-09 2009-10-13 Persystent Technology Corporation System and method for management of end user computing devices
US6978439B2 (en) 2002-01-10 2005-12-20 Microsoft Corporation Cross-platform software development with a software development peripheral
US20040024710A1 (en) * 2002-03-07 2004-02-05 Llavanya Fernando Secure input pad partition
US20030236889A1 (en) * 2002-06-25 2003-12-25 Microsoft Corporation Data projection system and method
US7673308B2 (en) 2002-11-18 2010-03-02 Symantec Corporation Virtual OS computing environment
US8141159B2 (en) * 2002-12-31 2012-03-20 Portauthority Technologies Inc. Method and system for protecting confidential information
US9003295B2 (en) 2003-03-17 2015-04-07 Leo Martin Baschy User interface driven access control system and method
US8205072B1 (en) * 2003-07-22 2012-06-19 Cisco Technology, Inc. Method and apparatus for electronically configuring a secured user desktop
US20060004667A1 (en) * 2004-06-30 2006-01-05 Microsoft Corporation Systems and methods for collecting operating system license revenue using an emulated computing environment
JP4765485B2 (ja) 2005-08-26 2011-09-07 ソニー株式会社 情報処理装置、情報記録媒体、および情報処理方法、並びにコンピュータ・プログラム
CN101310285B (zh) 2005-11-17 2011-09-07 皇家飞利浦电子股份有限公司 用于管理访问控制的系统
US20070283389A1 (en) * 2006-06-01 2007-12-06 Sharp Laboratories Of America, Inc. Method and system for helping operate a media-playing set
WO2007114456A1 (en) * 2006-03-29 2007-10-11 Casio Computer Co., Ltd. Server apparatus of computer system
JP4140920B2 (ja) 2006-04-20 2008-08-27 インターナショナル・ビジネス・マシーンズ・コーポレーション 個人情報の保護を支援する情報処理装置
US8479264B2 (en) * 2006-09-29 2013-07-02 Micron Technology, Inc. Architecture for virtual security module
US7987506B1 (en) * 2006-11-03 2011-07-26 Cisco Technology, Inc. Methods and systems for dynamically updating a routing table in a virtual private network
JP4998019B2 (ja) * 2007-03-06 2012-08-15 富士通株式会社 状態表示制御装置
EP2137629A4 (en) 2007-03-20 2010-12-29 Sanggyu Lee MOBILE VIRTUAL MACHINE IMAGE
JP4938576B2 (ja) 2007-07-24 2012-05-23 日本電信電話株式会社 情報収集システムおよび情報収集方法
JP4287485B2 (ja) 2007-07-30 2009-07-01 日立ソフトウエアエンジニアリング株式会社 情報処理装置及び方法、コンピュータ読み取り可能な記録媒体、並びに、外部記憶媒体
JP2009049679A (ja) 2007-08-20 2009-03-05 Fuji Xerox Co Ltd 画像処理装置、画像処理装置制御プログラム及び画像処理システム
US20090158190A1 (en) * 2007-12-13 2009-06-18 Yuvee, Inc. Computing apparatus including a personal web and application assistant
CN101990661B (zh) * 2007-12-28 2013-11-06 松下电器产业株式会社 通信装置、通信系统、图像提示方法以及程序
JP5176655B2 (ja) * 2008-03-31 2013-04-03 富士通株式会社 画像復号化装置
CA2661398C (en) 2008-04-05 2016-05-17 Third Brigade Inc. System and method for intelligent coordination of host and guest intrusion prevention in virtualized environment
US20100058082A1 (en) * 2008-08-27 2010-03-04 Lenovo (Singapore) Ple., Ltd. Maintaining network link during suspend state
US8627075B2 (en) * 2008-12-26 2014-01-07 Panasonic Corporation Communication device that receives external device information from an external device using near field communication
JP5235764B2 (ja) 2009-04-16 2013-07-10 株式会社日立製作所 Icチップおよびこれを搭載した情報処理装置
EP2264529A3 (en) * 2009-06-16 2011-02-09 ASML Netherlands B.V. A lithographic apparatus, a method of controlling the apparatus and a method of manufacturing a device using a lithographic apparatus
CN102132579A (zh) * 2009-06-26 2011-07-20 松下电器产业株式会社 通信装置
JP2011048661A (ja) * 2009-08-27 2011-03-10 Nomura Research Institute Ltd 仮想サーバ暗号化システム
EP2508999A4 (en) * 2009-11-30 2014-03-05 Panasonic Corp PORTABLE COMMUNICATION DEVICE, COMMUNICATION PROCESS, INTEGRATED CIRCUIT AND PROGRAM
US8370510B2 (en) 2009-12-18 2013-02-05 Microsoft Corporation Remote application presentation over a public network connection
US20120133484A1 (en) * 2010-11-29 2012-05-31 Research In Motion Limited Multiple-input device lock and unlock
JP5719244B2 (ja) * 2011-06-29 2015-05-13 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置

Also Published As

Publication number Publication date
GB2492448A (en) 2013-01-02
DE102012210887B4 (de) 2022-12-15
US20130007469A1 (en) 2013-01-03
DE102012210887A1 (de) 2013-01-03
GB2492448B (en) 2013-05-15
JP2013012018A (ja) 2013-01-17
GB201209077D0 (en) 2012-07-04
US8595511B2 (en) 2013-11-26

Similar Documents

Publication Publication Date Title
JP5719244B2 (ja) 安全に管理された仮想マシンの実行環境を構築する方法、プログラムおよびコンピュータ装置
JP4089171B2 (ja) 計算機システム
JP5992457B2 (ja) オペレーティングシステムのコンフィグレーション値の保護
US8387109B2 (en) Access control state determination based on security policy and secondary access control state
US8745386B2 (en) Single-use authentication methods for accessing encrypted data
JP4982825B2 (ja) コンピュータおよび共有パスワードの管理方法
JP5635993B2 (ja) モバイル装置とコンピュータを組み合わせ、安全な個人ごとの環境を生成する装置および方法
JP5429157B2 (ja) 機密情報漏洩防止システム及び機密情報漏洩防止方法
US9244705B1 (en) Intelligent micro-virtual machine scheduling
JP2008171389A (ja) ドメイン・ログオンの方法、およびコンピュータ
KR20150144312A (ko) 보안 저장 영역에 대한 응용 프로그램의 접근 제어 방법 및 장치
JP6270780B2 (ja) データ管理装置、データ管理方法、及びデータ管理プログラム
JP4538838B1 (ja) 仮想シンクライアント化装置、仮想シンクライアント化システム、仮想シンクライアント化プログラム、及び仮想シンクライアント化方法
JP5282879B2 (ja) プライバシ情報保護システムとその方法
JP2009169868A (ja) 記憶領域アクセス装置及び記憶領域のアクセス方法
JP2008083886A (ja) 機密情報漏洩防止方法及びシステム
KR100911345B1 (ko) 컨텐츠 보안 방법 및 그 장치
JP2011040044A (ja) 仮想シンクライアント化装置、仮想シンクライアント化システム、仮想シンクライアント化プログラム、及び仮想シンクライアント化方法
JP6957311B2 (ja) 情報漏洩防止装置、及び情報漏洩防止プログラム
JP4746993B2 (ja) 情報処理装置、セキュリティシステム、書込み先切替方法、プログラム
JP2011039716A (ja) 情報記憶媒体、情報システム
CN117034330B (zh) 基于macOS的安全防护方法、设备及存储介质
JP2009245325A (ja) セキュリティ管理サーバ、セキュリティ管理システム、セキュリティ管理方法、プログラム、及び、記録媒体
EP2750068B1 (en) System and method for protecting computer resources from unauthorized access using isolated environment
KR101507701B1 (ko) 네트워크 필터 드라이버를 이용한 논리적 망 분리 시스템 및 그 방법

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20140210

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20140630

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20140630

A975 Report on accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A971005

Effective date: 20140714

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20140722

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20141010

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20141111

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20150210

TRDD Decision of grant or rejection written
RD14 Notification of resignation of power of sub attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7434

Effective date: 20150303

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20150303

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20150320

R150 Certificate of patent or registration of utility model

Ref document number: 5719244

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

LAPS Cancellation because of no payment of annual fees